<?php
	if (!isset($_SESSION['password']) || $_POST['txtUserName']!="") 
	{
		//$_SESSION['username']=$_POST['username'];
		//$_SESSION['password']=$_POST['password'];
		//$_SESSION['lang']=$_POST['lang'];
		$_SESSION['username']=$_POST['txtUserName'];
		$_SESSION['password']=$_POST['txtPass'];
	}
	
	
	include("startup.php");
	
	include("modules/menu/menuclass.php");
	
	include("modules/info/infoclass.php");
	include("modules/customer/customerclass.php");
	
	include("modules/post/postclass.php");
	include("modules/feedback/feedbackclass.php");
	include("modules/support/supportclass.php");
	include("modules/request/requestclass.php");
	include("modules/tblrequest/tblrequestclass.php");
	include("modules/weblink/weblinkclass.php");
	include("modules/module/moduleclass.php");
	include("modules/usertype/usertypeclass.php");
	include("modules/permission/permissionclass.php");
	include("modules/user/userclass.php");
	
	//
	
	$ob=new ClassConnect();
	$conn = $ob->connecttion($host,$db,$user,$pass);
	$module=$_GET['module'];
	if($module=="")
		$module="menu";
	$action=$_GET['action'];
	$id=$_GET['id'];
	$cid=$_GET['cid'];
	$vali = new ClassValidation();
	$dt =new ClassDateTime();
	if($vali->_checkLetterNunberOnly($_SESSION['username'])==false || $vali->_checkLetterNunberOnly($_SESSION['password'])==false)
	{
		//writelog($conn,$_SESSION['username'],"Log in khong thanh cong");
		$url="index.php?p=1";
		echo "<script language='JavaScript'> window.location = '".$url."'</script>";
	}
	$objUser=new User();
	$objModule=new Module();
	$objUserType=new UserType();
	$objModule->loadByKey($module);
	$objUser->loadByKey($_SESSION['username']);
	
	if($objUser->Pass!=$_SESSION['password'])
	{
		$url="index.php?p=1";
		echo "<script language='JavaScript'> window.location = '".$url."'</script>";
	}
	$objUserType->loadByKey($objUser->UserTypeID);
	if($objUserType->isPermission($module)==-1 && $module!="" && $module!="changepass")
	{
		echo "<script language='JavaScript'> alert('Access denied')</script>";
		$url="?";
		echo "<script language='JavaScript'> window.location = '".$url."'</script>";
	}
	$list=$objUserType->getListModule();
	//print_r($list);
	//echo count($list);
?>